Skip to main content
placeholder image

Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage

Journal Article


Download full-text (Open Access)

Abstract


  • Remote data integrity checking (RDIC) enables a server to prove to an auditor the integrity of a stored file. It is a useful technology for remote storage such as cloud storage. The auditor could be a party other than the data owner; hence, an RDIC proof is based usually on publicly available information. To capture the need of data privacy against an untrusted auditor, Hao et al. formally defined "privacy against third party verifiers" as one of the security requirements and proposed a protocol satisfying this definition. However, we observe that all existing protocols with public verifiability supporting data update, including Hao et al.'s proposal, require the data owner to publish some meta-data related to the stored data. We show that the auditor can tell whether or not a client has stored a specific file and link various parts of those files based solely on the published meta-data in Hao et al.'s protocol. In other words, the notion "privacy against third party verifiers" is not sufficient in protecting data privacy, and hence, we introduce "zero-knowledge privacy" to ensure the third party verifier learns nothing about the client's data from all available information. We enhance the privacy of Hao et al.'s protocol, develop a prototype to evaluate the performance and perform experiment to demonstrate the practicality of our proposal. © 2014 Springer-Verlag Berlin Heidelberg.

UOW Authors


  •   Yu, Yong (external author)
  •   Au, Man Ho Allen (external author)
  •   Mu, Yi (external author)
  •   Tang, S (external author)
  •   Ren, J (external author)
  •   Susilo, Willy
  •   Dong, Liju (external author)

Publication Date


  • 2015

Citation


  • Yu, Y., Au, M., Mu, Y., Tang, S., Ren, J., Susilo, W. & Dong, L. (2015). Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage. International Journal of Information Security, 14 (4), 307-318.

Scopus Eid


  • 2-s2.0-85028197535

Ro Full-text Url


  • http://ro.uow.edu.au/cgi/viewcontent.cgi?article=5148&context=eispapers

Ro Metadata Url


  • http://ro.uow.edu.au/eispapers/4127

Has Global Citation Frequency


Number Of Pages


  • 11

Start Page


  • 307

End Page


  • 318

Volume


  • 14

Issue


  • 4

Place Of Publication


  • Germany

Abstract


  • Remote data integrity checking (RDIC) enables a server to prove to an auditor the integrity of a stored file. It is a useful technology for remote storage such as cloud storage. The auditor could be a party other than the data owner; hence, an RDIC proof is based usually on publicly available information. To capture the need of data privacy against an untrusted auditor, Hao et al. formally defined "privacy against third party verifiers" as one of the security requirements and proposed a protocol satisfying this definition. However, we observe that all existing protocols with public verifiability supporting data update, including Hao et al.'s proposal, require the data owner to publish some meta-data related to the stored data. We show that the auditor can tell whether or not a client has stored a specific file and link various parts of those files based solely on the published meta-data in Hao et al.'s protocol. In other words, the notion "privacy against third party verifiers" is not sufficient in protecting data privacy, and hence, we introduce "zero-knowledge privacy" to ensure the third party verifier learns nothing about the client's data from all available information. We enhance the privacy of Hao et al.'s protocol, develop a prototype to evaluate the performance and perform experiment to demonstrate the practicality of our proposal. © 2014 Springer-Verlag Berlin Heidelberg.

UOW Authors


  •   Yu, Yong (external author)
  •   Au, Man Ho Allen (external author)
  •   Mu, Yi (external author)
  •   Tang, S (external author)
  •   Ren, J (external author)
  •   Susilo, Willy
  •   Dong, Liju (external author)

Publication Date


  • 2015

Citation


  • Yu, Y., Au, M., Mu, Y., Tang, S., Ren, J., Susilo, W. & Dong, L. (2015). Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage. International Journal of Information Security, 14 (4), 307-318.

Scopus Eid


  • 2-s2.0-85028197535

Ro Full-text Url


  • http://ro.uow.edu.au/cgi/viewcontent.cgi?article=5148&context=eispapers

Ro Metadata Url


  • http://ro.uow.edu.au/eispapers/4127

Has Global Citation Frequency


Number Of Pages


  • 11

Start Page


  • 307

End Page


  • 318

Volume


  • 14

Issue


  • 4

Place Of Publication


  • Germany